app.post('/base/login/pwd', (req, res) => {
  const { username, password } = req.body
  if (username === 'doufen' && password === '123456') {
    res.json({ success: true, token: 'fake-token' })
  } else {
    res.status(401).json({ success: false, message: 'Invalid credentials' })
  }
})